Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
257311	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

257312	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

257313	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

257314	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
265981	9.8	CRITICAL Network	php	php	The php_url_parse_ex function in ext/standard/url.c in PHP before 5.5.38 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via vectors …	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-6288	2024-11-21 11:55	2016-07-25	Show	GitHub Exploit DB Packet Storm

265982	6.1	MEDIUM Network	siemens	sinema_remote_connect_server	Cross-site scripting (XSS) vulnerability in the integrated web server in Siemens SINEMA Remote Connect Server before 1.2 allows remote attackers to inject arbitrary web script or HTML via a crafted U…	CWE-79 Cross-site Scripting	CVE-2016-6204	2024-11-21 11:55	2016-07-23	Show	GitHub Exploit DB Packet Storm

265983	7.5	HIGH Network	siemens	simatic_net_pc-software	Siemens SIMATIC NET PC-Software before 13 SP2 allows remote attackers to cause a denial of service (OPC UA service outage) via crafted TCP packets.	CWE-20 Improper Input Validation	CVE-2016-5874	2024-11-21 11:55	2016-07-23	Show	GitHub Exploit DB Packet Storm

265984	3.3	LOW Local	ecryptfs canonical	ecryptfs-utils ubuntu_linux	ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning on a (1) NVMe or (2) MMC drive, which allows local users to obt…	CWE-20 Improper Input Validation	CVE-2016-6224	2024-11-21 11:55	2016-07-22	Show	GitHub Exploit DB Packet Storm

265985	8.1	HIGH Network	tollgrade	lighthouse_sms	Tollgrade LightHouse SMS before 5.1 patch 3 allows remote authenticated users to bypass an intended administrative-authentication requirement, and read or change parameter values, via a direct reques…	CWE-284 Improper Access Control	CVE-2016-5807	2024-11-21 11:55	2016-07-16	Show	GitHub Exploit DB Packet Storm

265986	9.8	CRITICAL Network	moxa	mgate_mb3180_firmware mgate_mb3280_firmware mgate_mb3480_firmware mgate_mb3170_firmware mgate_mb3270_firmware	Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authe…	CWE-326 Inadequate Encryption Strength	CVE-2016-5804	2024-11-21 11:55	2016-07-16	Show	GitHub Exploit DB Packet Storm

265987	5.3	MEDIUM Network	tollgrade	lighthouse_sms	Tollgrade LightHouse SMS before 5.1 patch 3 provides different error messages for failed authentication attempts depending on whether the username exists, which allows remote attackers to enumerate a…	CWE-200 Information Exposure	CVE-2016-5797	2024-11-21 11:55	2016-07-16	Show	GitHub Exploit DB Packet Storm

265988	7.5	HIGH Network	enghousenetworks	lighthouse_sms	Tollgrade LightHouse SMS before 5.1 patch 3 allows remote attackers to bypass authentication and restart the software via unspecified vectors.	NVD-CWE-noinfo	CVE-2016-5790	2024-11-21 11:55	2016-07-16	Show	GitHub Exploit DB Packet Storm

265989	6.3	MEDIUM Local	ge	cimplicity	General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors.	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2016-5787	2024-11-21 11:55	2016-07-16	Show	GitHub Exploit DB Packet Storm

265990	7.8	HIGH Local	huawei	hisuite	Huawei HiSuite before 4.0.4.204_ove (Out of China) and before 4.0.4.301 (China) use a weak ACL (FILE_WRITE_DATA for BUILTIN\Users) for the HiSuite service directory, which allows local users to gain …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-5821	2024-11-21 11:55	2016-07-14	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed